{"vulnerability": "cve-2022-2341", "sightings": [{"uuid": "c99a5285-f1fa-48a8-ab8b-acb68dbad6c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2341", "type": "seen", "source": "https://t.me/cibsecurity/46895", "content": "\u203c CVE-2022-2341 \u203c\n\nThe Simple Page Transition WordPress plugin through 1.4.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (for example in multisite setup)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-25T16:33:04.000000Z"}, {"uuid": "c4ff6cc3-f57e-4a84-b08b-ea915ebc8153", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23410", "type": "seen", "source": "https://t.me/cibsecurity/37459", "content": "\u203c CVE-2022-23410 \u203c\n\nAXIS IP Utility prior to 4.17.0 allows for remote code execution and local privilege escalation by the means of DLL hijacking. IPUtility.exe would attempt to load DLLs from its current working directory which could allow for remote code execution if a compromised DLL would be placed in the same folder.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-15T00:33:13.000000Z"}]}